Silk Road forums

Discussion => Security => Topic started by: lowberry on May 10, 2012, 05:46 am

Title: Can I use Privnote.com when sending my address as an alternative to PGP?
Post by: lowberry on May 10, 2012, 05:46 am
like when ordering can I use a privnote link in the shipping info? will it be as safe as pgp?
Title: Re: Can I use Privnote.com when sending my address as an alternative to PGP?
Post by: vlad1m1r on May 10, 2012, 06:05 am
like when ordering can I use a privnote link in the shipping info? will it be as safe as pgp?

I can't speak for every seller but I would have absolutely no problem with this -theoretically it's not as safe as encrypting with PGP but it has the advantage that it's guaranteed to be deleted after being viewed once. Maybe you could point this out to the seller and ask them only to view the link when they actually have the package ready to be addressed?

As an alternative why not encrypt your address with the seller's public key and then put that into a privnote?

V.
Title: Re: Can I use Privnote.com when sending my address as an alternative to PGP?
Post by: lowberry on May 10, 2012, 06:07 am
like when ordering can I use a privnote link in the shipping info? will it be as safe as pgp?

I can't speak for every seller but I would have absolutely no problem with this -theoretically it's not as safe as encrypting with PGP but it has the advantage that it's guaranteed to be deleted after being viewed once. Maybe you could point this out to the seller and ask them only to view the link when they actually have the package ready to be addressed?

As an alternative why not encrypt your address with the seller's public key and then put that into a privnote?

V.
thats not a bad idea, i still dont know how to use pgp though
Title: Re: Can I use Privnote.com when sending my address as an alternative to PGP?
Post by: deadkndys420 on May 10, 2012, 08:05 am
^^^
I too had trouble with PGP but then I read this and it all became clear.

http://p3lr4cdm3pv4plyj.onion/guides/kleotxt.html
Title: Re: Can I use Privnote.com when sending my address as an alternative to PGP?
Post by: vlad1m1r on May 10, 2012, 10:00 am
^^^
I too had trouble with PGP but then I read this and it all became clear.

http://p3lr4cdm3pv4plyj.onion/guides/kleotxt.html

+1 Karma to deadkndys420 for providing the link to an excellent guide for getting started with PGP.

V.
Title: Re: Can I use Privnote.com when sending my address as an alternative to PGP?
Post by: onemanarmy81 on May 10, 2012, 02:00 pm
Awesome link deadkndys420, this whole pgp thing has been wrecking my not so smart brain for the last few weeks. Thanks to all the forum members who have been so helpful with all this as I'd still be struggling to make an order without your help. Peace & Love
Title: Re: Can I use Privnote.com when sending my address as an alternative to PGP?
Post by: DigitalAlch on May 10, 2012, 07:37 pm
You could trust your safety to privnote; I wouldn't but you could. It's more do you trust that they delete, and even if they do unless it's being over written many time the data is recoverable. Always handle your own encryption.

~Digi
Title: Re: Can I use Privnote.com when sending my address as an alternative to PGP?
Post by: somahaoma on May 10, 2012, 07:42 pm
@onemanarmy, when I started using PGP I was pretty confused, now its fairly easy, but a program that got me started was called cryptophane.. I recommend it for sure!
Title: Re: Can I use Privnote.com when sending my address as an alternative to PGP?
Post by: lowberry on May 11, 2012, 03:14 am
^^^
I too had trouble with PGP but then I read this and it all became clear.

http://p3lr4cdm3pv4plyj.onion/guides/kleotxt.html
thanks alot bro, that made it much easier, I think I almost got this down now, lol
Title: Re: Can I use Privnote.com when sending my address as an alternative to PGP?
Post by: somahaoma on May 11, 2012, 03:21 am
@onemanarmy, when I started using PGP I was pretty confused, now its fairly easy, but a program that got me started was called cryptophane.. I recommend it for sure!

I'm not sure cryptophone is supported any longer. What you could try instead is: Windows Privacy Tray (WinPT).  WinPT can be downloaded from:

Binary: http://wald.intevation.org/frs/download.php/734/winpt-1.4.3-exe.zip
Documentation: http://wald.intevation.org/frs/download.php/280/winpt-intro-1.1.1.pdf

Guru

Thx Guru for the tip :)
Title: Re: Can I use Privnote.com when sending my address as an alternative to PGP?
Post by: onemanarmy81 on May 11, 2012, 01:44 pm
Great info lads, thanks once again for the info much appreciated.
Title: Re: Can I use Privnote.com when sending my address as an alternative to PGP?
Post by: gustono on May 11, 2012, 03:31 pm
I would personally use GPG for it as it's a little bit of a hassle but worth it for the peace of mind, nice site though, use it when I'm not doing real dodgy business (like sending my adress to buy drugs) :)
Title: Re: Can I use Privnote.com when sending my address as an alternative to PGP?
Post by: Chuck Schumer - Democrat on May 11, 2012, 03:57 pm
like when ordering can I use a privnote link in the shipping info? will it be as safe as pgp?

HELL to the FUCK to the NO. 

I would not use that LE Honeypot, are you kidding me?  You're just going to take the word of a completely unknown entity with private information.  Again:

HELL to the FUCK to the NO. 

It is no where near as safe PGP, not even in the same universe.
Title: Re: Can I use Privnote.com when sending my address as an alternative to PGP?
Post by: aciddeath on May 11, 2012, 05:42 pm
it can't compare to public key crypto
however, this is a method I developed recently when placing an order with a vendor that doesn't use crypto

this is all done using tor
1. get seller's email
2. get a mailinator account
3. get a tormail account
4. register for pastebin w/mailinator address
5. activate pastebin acct, delete pastebin email from mailinator
6. make an 'unlisted' paste containing your shipping info
7. create a privnote that contains the link to the paste
8. send the privenote link to seller

pastebin will show you how many views the paste has
either confirm with the seller they've got your email or just watch how many hits it gets
then delete the paste

it's not bulletproof, but it's far better than just sending out emails containing your info
Title: Re: Can I use Privnote.com when sending my address as an alternative to PGP?
Post by: vlad1m1r on May 11, 2012, 07:23 pm
Thanks aciddeath,

Are there really sellers who don't use PGP/GPG? I had no idea!

V.

it can't compare to public key crypto
however, this is a method I developed recently when placing an order with a vendor that doesn't use crypto

this is all done using tor
1. get seller's email
2. get a mailinator account
3. get a tormail account
4. register for pastebin w/mailinator address
5. activate pastebin acct, delete pastebin email from mailinator
6. make an 'unlisted' paste containing your shipping info
7. create a privnote that contains the link to the paste
8. send the privenote link to seller

pastebin will show you how many views the paste has
either confirm with the seller they've got your email or just watch how many hits it gets
then delete the paste

it's not bulletproof, but it's far better than just sending out emails containing your info
Title: Re: Can I use Privnote.com when sending my address as an alternative to PGP?
Post by: sniper123 on June 04, 2012, 02:36 pm
Thanks aciddeath,

Are there really sellers who don't use PGP/GPG? I had no idea!

V.

it can't compare to public key crypto
however, this is a method I developed recently when placing an order with a vendor that doesn't use crypto

this is all done using tor
1. get seller's email
2. get a mailinator account
3. get a tormail account
4. register for pastebin w/mailinator address
5. activate pastebin acct, delete pastebin email from mailinator
6. make an 'unlisted' paste containing your shipping info
7. create a privnote that contains the link to the paste
8. send the privenote link to seller

pastebin will show you how many views the paste has
either confirm with the seller they've got your email or just watch how many hits it gets
then delete the paste

it's not bulletproof, but it's far better than just sending out emails containing your info
Yeah, there are a few vendors that don't use pgp. You would be surprised.